IP Scheme, Firewall, Wired Network Structure, Whitelists
The Pour My Beer LAN is deployed in a configuration that requires minimum setup. However; in some cases our customers choose to use a “Self Managed” (SM) or “Third Party Service
Provider” (TPSP) to configure, manage, and maintain their system’s security protocols. Pour My Beer recommends the following requirements when setting up the LAN through an SM or TPSP.
IP Scheme
● Pour My Beer operates on the 192.168.2.101 - 254 network. Make sure this range is reserved for Pour My Beer.
● The Server is designated 192.168.2.254
● The Charger client(s) are designated to count backwards from .254 (example, 192.168.2.253 for Charger 1)
● The UI Clients are designated 192.168.2.101
● Subnet 255.255.255.0 for the entire network
Firewalls & Whitelist
All ports must be open for unrestricted access as defined in the table below. Please ensure these are applied to both UDP and TCP protocols.
| Source (IP or FQDN) | Destination (IP or FQDN) | Port | Protocol | Direction | Description / Purpose |
| localhost / PourMyBeer Server IP |
80, 443 |
TCP | outbound | PourMyBeer Server needs access to internet |
|
| localhost / PourMyBeer Server IP |
Teamviewer | 5938 | TCP | outbound | Teamviewer needed for remote support |
| localhost / PourMyBeer Server IP |
50.19.192.181 | 20,21, 22 |
TCP | inbound / outbound | FTP file hosting endpoint forPOS integration setup, monitoring, and automated upgrades |
| localhost / PourMyBeer Server IP |
40.122.110.154 | 80, 443 |
TCP | inbound / outbound | POS Integration Support & Monitoring |
| localhost / PourMyBeer Server IP |
40.117.34.242 | 9200 | TCP | outbound | ElasticSearch cloud data storage to backup card info POS integration |
| localhost / PourMyBeer Server IP |
bkg.isogentdev.com | 80, 443 |
TCP | outbound | Client web based reporting portal |
| localhost / PourMyBeer Server IP |
smtp.gmail.com | 465 | TCP | outbound | Optional keg management email alerts |
| localhost / PourMyBeer Server IP |
business.untappd.com | 80, 443 |
TCP | outbound | Client web based reporting portal |
Wired Network Structure
The PourMyBeer system runs off it’s own dedicated LAN (Local Area Network). The following Cat6 Runs must be made before scheduling your PourMyBeer installation.
From Switch to each beer screen: 1 per screen
From Switch to each check-in station: 1 per check-in unit (aka charger)
From Switch to PourMyBeer server: 1 Total
Ethernet from customer supplied router to PourMyBeer server: 1 total
This is a closed loop system, meaning all runs are separate from the Point of Sale system.
All runs must be terminated, tested, and labeled Cat6 with MaleRJ45 ends and wired according to TIA/EIA-568B.
In the event a patch panel is used at your location the customer is responsible for all Cat6 data connections between the patch panel and the screens, check-in terminals, and server.
Physically separated Local Area Network (LAN)
Pour My Beer recommends the Pour My Beer Network should be on it’s own segregated network and does NOT share any connections with any other LANS or VLANS. In an ideal deployment, the Server, Chargers, Switch, and UI Screen Clients should all be on the same LAN.
Non-Pour My Beer devices should not be riding on this network.
Virtual Local Area Network (VLAN)
In the event the Pour My Beer Network cannot be segregated from “other” networks we specify the following requirements.
● VLAN setup for Pour My Beer separate from all other networks.
● VLAN should have the scheme 192.168.2.101 - 254
● A minimum of 1 Ethernet port matched to this VLAN for every IP device on the network.
● Pour My Beer devices ONLY on this network
Internet Requirements
Pour My Beer requires a hard-line ethernet connection at the location of the Pour My Beer Server. Internet speeds should be a minimum of 100 Mbps download and 100 Mbps upload.
In addition to the above, it is recommended if at all possible to give prioritization (QoS) to PourMyBeer network traffic. Your guest wireless network should also be capped or throttled to prevent your bandwidth from being completely used up during peak times with customers streaming. For high volume locations, a backup ISP connection if available as a failover will keep operations running if the primary connection fails.
Self Managed & Third Party Service Provider Network Checklist
| Wired Network | Yes | No |
| All Network cabling is at least CAT6. | ||
| All Network cabling ends are terminated according to the TIA/EIA-568B wiring standard. |
||
| All Clients on the Pour My Beer LAN have at least one Network drop per client. |
||
| All Network Cables have been Identified and labeled. | ||
| All Network Cables have been tested and confirmed to be working. | ||
| At least one Ethernet port for the Pour My Beer LAN. |
| Wireless Network | ||
| Upload speeds of at least 100 mb/s. | ||
| Download speeds of at least 100 mb/s. | ||
| IP Schema | ||
| The range of 192.168.2.101 - 254 has been reserved for Pour My Beer. | ||
| If using a different range, has this reserved range been communicated to the Pour My Beer Installation Coordinator? |
| Firewalls & Whitelisting | ||
| The router is providing unrestricted outbound access to ports 80 & 443? | ||
| The router is providing unrestricted outbound access to ports 465, 5938, 9200? |
||
| The router is providing unrestricted inbound & outbound access to ports 20, 21, and 22? |